Navicent Health, a part of Central Georgia Health System, has disclosed that it suffered a data breach as the result of a digital attack. The second-largest hospital in Georgia and the only regional Level I Trauma Center, Navicent Health explains in a data breach notice that it learned of a digital attack involving some of its employees corporate email accounts in July 2018. This investigation revealed on 24 January 2019 that the security incident had affected some email accounts containing patients’ personal information including their names, dates of birth, addresses, medical information, billing data and Social Security Numbers. A closer look by Navicent Health found no evidence of identity theft and no indication of whether a bad actor viewed patients’ data. Patients affected by the Navicent Health data breach should defend themselves against identity thieves by protecting their web accounts with strong passwords, enabling multi-factor authentication (MFA) where available and using a VPN.